How to communicate/share a session between pages over HTTP and HTTPS
Posted
by spirytus
on Stack Overflow
See other posts from Stack Overflow
or by spirytus
Published on 2010-05-11T23:28:48Z
Indexed on
2010/05/11
23:44 UTC
Read the original article
Hit count: 288
What is common practice for coding web applications where part of the site has to be secured (e.g. checkout section) and part not necessarily, let's say homepage? As far as I know sharing sessions in between HTTP and HTTPS parts of the site is not easily possible (or is it?). What would be common approach if I wanted to display on HTTP page like homepage, shopping cart data (items) that users ordered on HTTPS pages? How those two parts of the site would communicate if necessary? Also isn't it security flaw in popular shopping carts as it seems that many of these have only checkout pages secured (SSL) and the rest not? I'm using PHP if it makes any difference.
© Stack Overflow or respective owner